Windows Vista used as bait in aggressive image spam campaign

Sophos is reminding computer users of the threat posed by image spam following a new campaign which purports to offer a cut-price edition of Microsoft Windows Vista.

Image spam, which uses a graphic embedded in an email rather than regular text, has grown in popularity amongst spammers attempting to communicate their marketing messages to internet users. Often image spam is used for promoting stock pump-and-dump scams or drugs to help with weight loss and sexual performance. However, in the latest widespread campaign seen by Sophos, image spammers are offering a bargain edition of Microsoft’s new operating system, Windows Vista. The spam email claims that the recipient can save USD 319.05 by downloading Windows Vista today.

“This widespread spam campaign carries all the hallmarks of a typical image spam. The spammer has added speckled noise in the form of random pixels to make the graphic slightly different on each sending, and users are told to type in the name of the website rather than clicking on a link,” said Graham Cluley, senior technology consultant for Sophos. “Approximately 30% of all spam now uses images to try and sneak past anti-spam filters. Computer users need to ensure that they have strong defences in place or they will continue to be bombarded by nuisances like this.”

It is unclear whether acting upon the spam would furnish the computer user with a pirated edition of Windows Vista or simply steal their credit card details. Whatever the ruse, Sophos recommends that users do not fall into the spammer’s trap.

“The growth of image spam is one of the security stories of the year. Computer users should make it their New Year’s resolution to get wise to internet threats in 2007,” continued Cluley. “It’s worrying just how poorly educated people are about web and email threats. System administrators and security geeks know about informative websites like GetSafeOnline but the average man in the street hasn’t got a clue.”